In recent years, malware analysis entities have enjoyed access to behavior data from computing devices so that behavior log files may be generated. Malware analysis entities include businesses that study behaviors of programs that execute on devices, such as network access attempts and/or other device function invocations. In some examples, the malware analysis entities apply behavior log files to one or more machine learning systems so that predictive patterns may be identified in an effort to prevent malware operations before such malware can cause damage and/or propagate further within one or more computing devices.